Welcome to Centmin Mod Community
Become a Member

Cannot issue SSL Cert using acme.sh

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Manhhailua, Jul 11, 2016.

Tags:
  1. Manhhailua

    Manhhailua Member

    39
    2
    8
    Jul 7, 2016
    Hanoi
    Ratings:
    +5
    Local Time:
    2:03 PM
    1.11.1
    10.0.x
    I'm trying to issue SSL to my domain "codek.org" several times but failed (codek.org is a Nodejs site using Ghost Blog). I tried webroot mode:
    Code:
    $ ./acme.sh --issue -d codek.org -d www.codek.org -w /home/nginx/domains/codek.org/public/
    [Mon Jul 11 08:02:36 UTC 2016] Creating account key
    [Mon Jul 11 08:02:36 UTC 2016] Use default length 2048
    [Mon Jul 11 08:02:36 UTC 2016] Use length 2048
    [Mon Jul 11 08:02:36 UTC 2016] Registering account
    [Mon Jul 11 08:03:40 UTC 2016] Registered
    [Mon Jul 11 08:03:40 UTC 2016] Creating domain key
    [Mon Jul 11 08:03:40 UTC 2016] Use length 2048
    [Mon Jul 11 08:03:40 UTC 2016] Creating csr
    [Mon Jul 11 08:03:40 UTC 2016] Multi domain='DNS:www.codek.org'
    [Mon Jul 11 08:03:40 UTC 2016] Verify each domain
    [Mon Jul 11 08:03:40 UTC 2016] Getting webroot for domain='codek.org'
    [Mon Jul 11 08:03:40 UTC 2016] Getting token for domain='codek.org'
    [Mon Jul 11 08:04:44 UTC 2016] Getting webroot for domain='www.codek.org'
    [Mon Jul 11 08:04:44 UTC 2016] Getting token for domain='www.codek.org'
    [Mon Jul 11 08:05:46 UTC 2016] Verifying:codek.org
    [Mon Jul 11 08:07:24 UTC 2016] codek.org:Verify error:Invalid response from http://codek.org/.well-known/acme-challenge/Wqqb2jTxgnqyKfqFADBMA2r7T65hfKdikR-LUP7WlxQ: \
    
    Here are my nginx config files for "codek.org":
    *I turned off (comment out) preventing access to ./directory and files*

    codek.org.conf
    codek.org.ssl.conf

    My VPS configuration:
    Ram: 756MB
    OS: CentOS 7 x64
    Centmin: 123.09beta01
    Nodejs: 4.4.7
    Nginx: 1.11.2
     
    Last edited: Jul 11, 2016
  2. eva2000

    eva2000 Administrator Staff Member

    30,914
    6,909
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,405
    Local Time:
    5:03 PM
    Nginx 1.13.x
    MariaDB 5.5
    you disabled /usr/local/nginx/conf/staticfiles.conf include file which is also configured to handle letsencrypt domain verification
    Code (Text):
     # include /usr/local/nginx/conf/staticfiles.conf;

    specific context in staticfiles.conf
    Code (Text):
        # prepare for letsencrypt
        # https://community.centminmod.com/posts/17774/
        location ~ /.well-known {
            location ~ /.well-known/acme-challenge/(.*) {
                    more_set_headers    "Content-Type: text/plain";
            }
        }
    
     
    • Like Like x 2